Posted
by
michael
on Saturday September 22, 2001 @05:06PM
from the no-deadbolts-for-you dept.

firewort writes: "Sen. Judd Gregg (R-New Hampshire), who called for global backdoors in encryption products in a floor speech last week, is readying legislation. This is another push for backdoors - but it seems that Gregg wants them to be used cautiously, only with permission from a US Supreme court appointed commission, subject to normal search and seizure rules." Representative Goodlatte, who has supported strong encryption before, is one of the few people speaking out against this.

Does it bother anyone besides me that Congress is using the terrorist attacks as a blank check to take away civil liberties? As we all know, this bill has been proposed that would require back doors (or weaker encryption) in all encryption products, which is NOT okay in my book. I'm all in favor of heightened security carried out in an intelligent manner, but this is completely ridiculous.

We all know that encryption is hardly used except by criminals and the paranoid.

Do you bank online? Have you ever bought anything online? Does your company engage in e-commerce or EDI? Have you ever used Lotus Notes?

These are strong encryption applications, without any backdoors (yet). How will you feel about government-mandated encryption backdoors when some 31337 HaXoRs strip your bank and credit-card accounts? Are you so naive as to imagine that the government will make you whole? ("Gee, we're not responsible for losses due to criminal activity" say the cops.) Do you think that Judd Greg will recompense your life savings lost to backdoor crypto? You must be a troll, drunk, on crack, or all of the above, to have posted that moronic spineless garbage here. Just shoot yourself, it's painless.

True freedom requires security of those freedoms. To be secure, you might have to give up some of your liberties.

So what you're saying is that in order to have freedom you must give up some of your liberties. Fascinating semantic distinction.

As to the rest of your bizarrely illogical rant, may I take a few issues?

We all know that encryption is hardly used except by criminals and the paranoid.... Personally, I don't use it nor does anyone I know.

So you don't know anyone who uses it, and the only people who use it are criminals and paranoids. How did you manage that conclusion if you don't know any of them?

We hire these people to protect us, we pay them taxes, yet you don't want to allow them to do their jobs?

Forgive me, but does this mean that if I don't pay taxes I am exempt to having my civil liberties taken away? Or was there some checkbox on the 1040 form that read "Yes, I want to be spied on."?

As others have pointed out, this kind of bullshit proposal only has two ways of succeeding. The first is if we convice all the terrorists to upgrade to backdoored software. Good luck.

The second is if we convince everyone else to upgrade and hope the terrorists don't hear about it. Then we can construe their use of strong crypto as an admission of guilt. How many seconds of profound thought do you think it will take the next terrorist to figure out to wrap his strongly encrypted messagse in a weakly encrypted envelope?

"Aha," one might say, "but that can still be detected by decrypting the outer layer!" Yes indeed, but only if the government routinely decrypts every message sent anywhere by any means. Perhaps including the U.S. postal service. So in order to preserve our freedom we must all be spied on by means that continuously and actively compromise the privacy of every law-abiding citizen. In exchange we will learn the identities (but not the encrypted messages) of the terrorists. Then we can haul them into court and charge them with having a secret. I'm sure people willing to die a fiery death for their cause are going to tremble at the thought of being jailed for contempt of court. Or will that become a death-penalty offense as well?

The second is if we convince everyone else to upgrade and hope the terrorists don't hear about it. Then we can construe their use of strong crypto as an admission of guilt. How many seconds of profound thought do you think it will take the next terrorist to figure out to wrap his strongly encrypted messagse in a weakly encrypted envelope?

Or better yet, using classic stenographic principles, using the encrypted message as a key for encrypting a completely innocuous message. How are you going to break that one? Espectially when the key escrow has record of your key (which is the actual encrypted message.

Chances are the terrorists didn't use encrypted email. Why would these obviously intelligent albeit extremely evil perpetrators risk having their messages intercepted and cracked by US spooks? They met face-to-face to formulate their plans, in caves or rooms with blacked-out windows and the stereo blasting. They might have used the 'net to find the more lightly loaded flights, and then again, maybe they just went to the airport and hung around watching the crowds.

Do you really think that having key escrow will really work!? Do you even realize that the majority of cryptographic software is manufatured outside of the USA, where the USA has no jurisdiction. Do you really think that Afganistian will stop using the cryptographic software already available?

Key escrow will work as a law enforcement tool in the following limited, but nonetheless useful, way.

It cannot actually prevent anyone from using cryptography that does not have a backdoor.

However, what it will do is allow law enforcement to stop, interrogate, hold and arrest a suspected terrorist on the grounds that the person has a cryptography program on their computer that does not have the approved backdoor. It will give law enforcement something to hold them on. This can be important. Let me make an analogy to the kife situation.

Prior to the events of 9/11, it was perfectly LEGAL to board an airplane with a knife with a blade up to 4 inches in length. If somebody was found trying to board an airplane, or on an airplane, with such a knife, there was no legal basis to question, much less arrest, them. Indeed, if someone was found with TEN such knives, there was no legal basis to hold them. They just walked away. Hell, you might not be able to keep them off the airplane.

Now, there is a new regulation banning ALL knives, no matter what the blade length. Will this new regulation prevent any determined person from carrying a knife on board? Given the current state of security, probably not. Unless you ban, or thoroughly search, all hand luggage, and frisk all passenengers, no. I'm sure right now I could probably carry an 8 inch (or ten 4 inch) glass, ceramic, or plexi-glass knife (knives) on board and get away with it. So, does that make the law useless?

No, because, compared to before, if they DO detect my 10 glass, ceramic, or plexi-glass knives with 4 inch blades, they can actually prevent me from boarding the plane, hold me, question me, interrogate me, and arrest me. They can pursue the matter.

Obviously, the anlogy to cryptographic software is far from perfect, but the principle is the same. No, you can't really PREVENT anyone from using such software w/o a backdoor if they really want to. But what it does do is give you a legal basis to stop, interrogate, and, if need be, arrest them.

Is it worth it? I'll leave it up to others to discuss that issue for now. But one cannot say it would serve absolutely NO purpose.

>However, what it will do is allow law enforcement to stop, interrogate, hold and arrest a suspected terrorist on the grounds that the person has a cryptography program on their computer

Yet another flawed idea. It may work on the brain dead. But is easily avoided by everyone anyone else.

You take someone's computer, anyone's computer. They likely to have hundreds of thousands or even several million files on it - with thousands or maybe tens of thousands of executables. Somewhere in that lot is an executable which contains the "illegal" encryption and decryption routines. An exectuable with a misleading name, which also does something entirely legitimate, which may itself be compressed or encrypted.

You're going to have to scan every file to see if it is exectuable, or a compressed or encrypted executable. When you find your executable you're going to have to do some very detailed analysis to see if it offers any "forbidden" functions.

Analysis of a system for unauthourised crypto programs is going to take serious time and serious resources.

If you have a strong suspect, by the time you've unscrambled what's on their computer the result is pretty academic - it's going to be far too late to assist any ongoing investigation - the trail to the next link will have gone cold.

If you don't have a strong suspect this is going to be useless as an investigation - you can't use it for screening - ANYONE you care to check is going to take so much time and money before you can eliminate the suspect as to make the techinique worthless.

Even at its absolute best, The proposed restrictions will achieve little more that provide an extra, technical offence to charge the obviously guilty with.

The test isn't "does it serve ANY purpose" - it is "does it serve any USEFUL purpose" - and the answer is that it doesn't.

You may think that it is still worth the cost to the rest of us. I don't.

Everyone knows that any law that the government can abuse, it will abuse. Can anyone dispute the fact that it'll be using these backdoors routinely, if illegally, a few years down the line?
BTW, SECOND POST BITCHES!!!

if they outlaw the export of encryption "devices", device in this case including a description of how a thing works

If they outlaw a description of something, that would abridge the freedom of speech, or of the press. Can't throw away the First Amendment without another amendment to the Constitution of the USA. Sure, they cold outlaw the export of those descriptions, but how could they keep something that is freely published in the USA to leak away?

I think rather than ScriptKiddies, it will be these mythical, supposedly Russian CyberMafia[tm] guys, you know, the ones who hack for dollars by breaking into e-commerce sites and getting card numbers, will probably invest in a beowulf cluster and mount an attack on the cypher to discover the backdoor, whether it's a master key or an algorithm.

I say that if this passes, we should make a strong attempt to break and publish (in plain english) how to get at these backdoors. No schematics, no code, nothing that can't be backed by 1st amendment protection.

Then we can point out that these keys could be used to break into banks, e-commerce, etc. and urge everyone to stop using these facilities in order to protect against terrorism;)

Exactly. Steganography is a much more effective tool for facilitating covert communication. That's why spies have been using it for decades, posting personal ads in the paper or signs on a telephone pole, or just a book code.

The problem with these tragedies is that everyone is scared of being for encyrption and privacy for fear of being seen as sympathetic to terrorism and not getting re-elected. I'm glad there are at least one senator that can see that this was a horrible tragedy, but that that shouldn't change everyone else's rights.

Now is the time to contact your representative, your senators and probably even your local media and tell them exactly how much damage this legislation could do.

Tell them about encryption used to protect your online banking transactions. Tell them about encryption used to protect company secrets. Tell them that this is bad for trade. Tell them that this is bad for innovation (unless you're Microsoft I guess)... Tell them how you feel about it.

Don't just sit back and let this go through. If nobody says "this is bad" then it will be passed...

While telling your congress critters, be polite, spell check before sending. Fax and/or write rather than e-mail. Call them and talk to them. But however you do it, make sure that your voice is heard.

As a "libertarian", I'd argue that your vendor in the example does have the right to charge anything: before, during or after an event.

Note that I said that the behavior was immoral - not illegal, impractical, unprofitable, etc. A fundamental moral behavior for a trader is to not aggressively exploit your customer. Sure, a good profit is nice, but exploitation and establishing abnormal pricing solely upon your customer's actual or perceived crisis is predatory and unethical.

Plus, there is a function of mass hystaria that is fed by unethical traders and I'd expect them to have accountability for further inciting fear and panic.

But how can it be immoral to raise prices in response to a perceived pinch in supply? Should the vendor keep selling at the low price, thus causing people to rapidly exhaust his supply? They'll line up around the block and fill Jerry cans, rejoicing in the low price. Then the vendor has to close up shop until he can get more gas. Is that what you recommend?

Doesn't every business have a right (as long as they're not a monopoly) to set their prices as they see fit?

Without getting into ethical arguments, the fact remains that businesses do NOT have that right under the law.

Getting into the ethical bit: nor should they, IMHO. We need smaller government, yes, but if there are not some controls placed on businesses they'll screw us over. This is a sensible place for gov't regulation. It protects us, and not in that offensive reading-your-email way.

For example, what if price fixing was legal... Imagine how much gas would cost. (Green freaks, replace "gas" with any other important product manufactured by only a few companies, and keep your "I wish!" statements to yourself.) With such a high barrier to entering that market, there is no practical way for a competitor to jump in and undercut the price-fixing consortium. That is the system with maximum freedom, but it still sucks!

If such actions became commonplace among average Americans, then reps would probably give it some consideration. As it stands, however, the average American isn't even likely to know who his/her reps are, let alone bother to contribute to any of them.

wouldn't it make more sense if we just applied current laws and required that, upon presentation of an appropriate warrent, you had to decrypt documents and files that the authorities tell you to decrypt rather than having some third parties do it for you and them?

That would be nice, except for a little item called The Fifth Amendment [usconstitution.net] to the United States Constitution.

"No person... shall be compelled in any criminal case to be a witness against himself".

Perhaps we should pass a law specifically against crashing airplanes into buildings. As far as I know there isn't a law *specifically* against this, and we all know that *everyone* follows every law all the time. We probably need both a federal statute and numerous state and local ordinances to let would-be terrorists know we're serious.

The WTC disaster does not change the validity of a single one of those reasons, namely:
1) Strong encryption is vitally necessary to any digital communication involving business and finance

Especially where these communications can be trivially intercepted.On the other hand encryption is not a necessity for planning acts of terrorism. A terrorist is more likely to use such low tech methods as face to face communication.

Yep. Somehow it is utterly un-surprising that Congress is using this as an excuse to take away more of our basic rights. The day the WTC and Pentagon were hit I could tell instantly that Congress was going to take this and turn it in to "If you want more national security, you have to give up personal security." Anyway, we cannot allow this to happen. You can draw a parrallel:

Congress:People
Terrorists:USA

Because only will of the people will be able to overcome the legislation that congress proposes, just as the will of the USA and other countries would be able to overcome the terrorists. And both the terrorists and congress are going to end up taking our rights away, as Congress is using the terrorist's acts to "justify" taking away rights for "national security."

I end this with a note of hope: You elected your Congressmen (and Congresswomen), so now to maintain your rights, you need to call them or E-Mail them. They are there to represent YOU, so let them know how you feel!

How about those of us using secure encryption now? Will using non-compromised versions of PgP be a felony? Will having a copy on your hard drive be dangerous?

The other day I was at the office store, puttzing around the crappy software (though Office Max is carrying various Linux distros.) and I noticed they were selling a nice boxed Pgp + firewall+ miscellaneous crap product from Macaffe called "network security" or something like that. Made me wonder how they are going to root all the sheeple out there that can barely maintain their windows boxen out from the supposed "terrorists".

So let me get this right, he wants to create legislation that won't stop bad guys because A) it only effects the US and B) the bad guys wouldn't bother using backdoored software AND he want's to mire it in quasi-judicial controls so that the bureaucracy will make use of the backdoor a rare and slow event (at least for legal government purposes).

If it wasn't for the fact that any such restrictions impose an extra burden on software/hardware manufacturers and limit the security of encryption, I'd start to think this was nothing but feel good legislation that would never accomplish anything. Sure doesn't seem to be accomplishing anything good.

On the issue of encryption Goodlatte is usually right on target. He has been vehemently oppose to laws which would limit its accessability to average Americans. However on other issues he is a total nut in my opinion. He is staunchly pro-DMCA and is proud that he took a part in its creation.

Yet as a Virginian I'm ashamed that someone from my state played a role in the creation of such an anti-American bill. Give the man kudos for defending crypto in Congress at a time like this, but don't think that he is a freedom-loving politician. He said at my high school (I'm a freshman in college now) that if he had it his way he'd abolish our lottery because there are "better uses" for people's money than a lottery. $1-$5 a week for the hope of striking it big is a bad thing? $1-$5 a week invested in further funding our state's infrastructure is a bad thing? $1-$5 more invested in an education system which is #7 in the nation in passing the AP tests is a bad thing? And finally $1-$5 a week invested in the same education system that has one of the highest passage rates in the nation on some of the most rigorous standardized tests in the nation?

Now is the time for us to be holding our republican values (and I don't mean the party) more dearly than ever. The purpose of establishing a republic and not a new monarchy for our people was to break the cycle of tyranny. Let's remember what happened to the Roman Republic. By the same token, let's learn from the lessons of the past so the American Republic doesn't go the same way.

Please at least read the article you're linking to (and get the link [startribune.com] straight, while you're at it) before posting something like that.

In the article, the actual quotes attributed to Zimmerman show that he feels badly about the events, but in no way do they indicate that he feels responsible for them. I think this one sums it up (in regards to some hate mail he received):

"He raises some points that many people are raising right now, namely that terrorists can use the technology," Zimmermann said. "But it overlooks the strong need for good crypto."

Hiding tools from honest people only assures us that honest people suffer without benifit. Priciples of operation will always get out and the bad guys will always use those tools as they see fit. You can't hide crypto and we should all be using it to protect our privacy.

Here are some more people you can hate, if you still want to point a finger at Zimmerman:

The Wright brothers, for giving the terrorist a weapon.

Whittle, for developing the engines that powered that weapon.

Eifel, for giving the terrorist a target.

Diesel, for working out the use of heavier oil fuels that all jet aircraft use.

Oh yeah, don't forget that hideous man who invented the knife.

So go on and ban aviation, skyscrapers and knives as well as deadly crypto. The world will not be a better place!

I can imagine it, now: Mr Terrorist uses the encryption product for which his local government (for example, the Taliban) holds the back door key. The U.S. court sez that it wants to read the mail. The U.S. then sends a nice, polite letter to the Taliban asking for that key...

I'd like to see someone create a web database on politicians' voting records on issues relevant within the technical community (ideally with some kind of interface for selecting which issues you care about, and even in which direction). Hopefully, this would help people make more informed decisions, and, just the public knowledge that such a database is being compiled and published might influence legislative decisions a bit.

Anyhow, here is a small start. I would encourage anyone with additional data to post it right here. I'll try to add it to this list, and perhaps someone more ambitious will be able to browse the follow-ups and start a real web database on this.

United States House of Representatives:
Bob Goodlatte, Virginia, 6th District, Republican, Good
+ Co-sponsored lifting of encryption controls
+ Speaking out against encryption controls after World Trade
Center Bombing. http://news.cnet.com/news/0-1005-200-7249721.html

I have posted on this topic quite a few times before, but I must post again.

I enjoy working with encryption and number theory. I enjoy the theory behind encryption and why it works so successfully.. I will try to explain how it works (to a point) and this is a BIG reason why backdoored encryption can't work.

For this example: Assume use of RSA encryption

The way that this encryption works is it finds a function f[x] that is (to a point) one way. (NOTE: impossible [as of yet] to prove that it is a true one way function but the lower limit on finding the function has never been solved.. so for all purposes as of yet it is oneway). That is... f[k] == k' (k' being encrypted version of k). The way this works is that the function f[x] which is known by everyone and the value k' could be known by someone and still not be able to convert k' back to k. This is serious advanced number theory and requires very specialized hard-to-find functions.

To allow backdoors (that can be used without having a persons program but only the encoded message) is saying that the function f[x] must be modified to the point that there exists a function g[x] (for each SPECIALIZED function f[x] [that is, each persons f[x] is different, but g[x] must decode all of them]) that can decode any function f[x]'s input. Translation: f[k]==k' but g*[k']==k (for any function f[x] specialized). This function g[x] must be found when working out the base of the encryption product and once the function f[x] is worked out so g[x] exist, it stops being a one way function and therefor stops being useful.

So basically, if this happens, we might as all just encode our messages with rot13 and it will be the same as using any new "government approved" encryption... because someone somewhere WILL leak the functions g[x], whatever[x] (for each encryption product).

(For those who are curious, the reason each f[x] is tailored to a specific person is the picking of the keys allows a "trapdoor" as RSA puts it: another part of the function f[x] that is not mandated at production time. Of course, if a g[x] can decrypt the f[x] (no matter specialized) then the trapdoor theory is useless and serves no purpose therefor weakening it to a childs toy)

And yes, I know I am speaking to the choir here.. the thing is a long time ago I was reading slashdot when someone spoke about encryption and the basics of encryption theory.. it got me interested enough to look at it myself and now I am intrigued by it and am always learning more. My example may have small errors in it.. I hope someone can call me on them if they notice--> its always best to be factually correct...

Assuming g[x] is based on some codebreaking technique which the academic community doesn't know but the NSA does. For a time, differential cryptography would have worked. So, DES before the NSA made it more secure could have been used for this.

Still, the academic community could catch up any time, so this is not a good strategy.

Other forms of back doors exist - consider PGP ADKs (assuming the implementation weren't broken). They don't reduce the security of the system significantly, but they do provide a backdoor. Of course, this assumes that their use can be mandated, which we all know is impossible.

Thats a very interesting point -- one of which I did not think of at all...

Of course, since public keys would be different lengths, then the encoded message "public key" that you mentioned would be some length X. Say, we can guess that X will be AT LEAST >= 15-20. So one could safely remove the last 15 characters and replace with A's or what have you, and the decryption of it by the intended recipient will not be affected (b/c the decryption will not be affected at all by the backdoor encryption) but won't allow the government to read it.

Now this is a way that encryption companies could make their product "compliant" with regulations, while also thumbing their nose at them. Very cute -- thanks for the heads up!

In order to support a backdoor, all the software has to do is encrypt the random key with the backdoor public key and append it to the header of the message.
This doesn't require any compromise of the security of the algorithms themselves. In fact, if you send an encrypted message to more than one recipient with the current version of PGP, you're doing exactly the same thing.The compromise in security from a backdoor is that *every* message everywhere would be immediately and irrevocably exposed if the backdoor private key is ever discovered. It makes a very tantalizing target.

One way of doing this which does give some degree of damage limitation. Is whenever a PGP keyset is generated you actuallt generate 2 keysets. The second private key is encrypted with the public key of spies@evesedroppers.gov and emailed to them. Then everytime you send a PGP email it's also encrypted with the spies@evesdroppers.gov public key unique to you...

Which brings about the same problem we had in the first place: when spies@evesdroppers.gov's private key gets leaked (or cracked by a distributed effort), anyone who was recording those key transfers will immediately have access to all messages encrypted with them.

One of the big things that makes PGP secure is that there is no single point of failure. Any compromise of this compromises the security of PGP.

The other problem is with Kerberos and IPSEC, how do you plan to send all the keys for those elsewhere. I know I'd fire anyone who copied those keys anywhere.

Which brings about the same problem we had in the first place: when spies@evesdroppers.gov's private key gets leaked (or cracked by a distributed effort), anyone who
was recording those key transfers will immediately have access to all messages encrypted with them.

It's les bad than the initial senario of only having one "backdoor key". Here someone needs to not only get hold of the "spooks key" (which can be changed frequently anyway) but also intercept enough communications to work out which backdoor key they need.

What you are saying is that a message would be first encryped with the recipients public key. Then you would encrypt the same message with the governments public key. Possibly interleaving the governments encryped information with the recipients information such that you couldnt just delete the intended government block. This is what I am assuming you mean.

The problem I see here, of course, is that this is effectively doubling the size of the message. It is worth noting that companies use encryption to encrypt valuable trade secrets, and doubling the size of data certainly isnt a good thing. Also, if the companies that manufacture the encryption software release (open) their specs as to if there is a fixed interleaving of governmentmsg and recipientmsg then the governmentmsg could be replaced by, say, A's or another interesting message.

Of course, if this takes hold and the companies release their source, then it would be fairly trivial to just omit the section dealing with creation of a government message in the first place.

Of course, the government private key will be found out. The problem is that "law abiding citizens" will be using this government key (while the criminals do as I suggested), therefor citizens give up their rights to solve nothing...

Somebody needs to shine the Flashlight of Reason into the Dark Corner of Stupidity don't you think?

How can this possibly be enforced? I have books, and files on my computer, describing most common encryption and public key methods. I could almost write an RSA encryption program from memory, and I certainly could write a program to XOR with a LFSR or a one-time pad.

The dumbed down articles always talk about how "complex" and "sophisticated" encryption is, but it's not really that complex, once you know the formulas. Anyone with high-school math could probably understand many of the algorithms. You could explain a one-time pad in terms of adding and subtracting.

And what is a legal definition of encryption anyway? If I XOR all my files with a constant byte, or if my ISP or the FBI happens to be looking and they don't recognize the file format and somebody calls the cops, how the hell am I going to explain how it's not encryption? Or will it be like the DMCA, and encryption will be anything they feel like.

And are they going to somehow take away my SSH that I use almost every day to do work as a sysadmin? I get paid to secure systems, should I tell my clients "This encryption is difficult to crack. Except for the government and anyone else who figures out the back door. Sorry."

From what I've seen, the bill would prohibit the distribution of encryption software that doesn't have the backdoor. This is relatively enforceable. What makes you think the bill outlaws encrypted communications?

Once again, geeks are treating the government like a computer, and expecting some "edge case" to cause a crash. It won't work that way. The intent of the bill will be clear, and judges will follow that intent. Look at Kaplan/DMCA.

So, if you send an email in Navajo, that is in no way a violation of the proposed bill. But if you distribute software that encrypts communications into something like Navajo, and you don't use the backdoor, that is in violation of the bill.

It almost seems like you're deliberately not getting it, in order to attack a strawman. I oppose this bill for the one sound reason: because it is a Fourth Amendment violation.

Sen. Judd Gregg also reintroduced legislation to make the value of pi equal to 3. "We cannot afford the inefficiencies resulting from the oddball values of pi some fringe academics have dreamed up. Our new wartime economy must be efficient, and to help with this effort, Congress will adopt legislation that will greatly simplify the design of common military hardware like wheels and gears," said Sen. Judd Gregg in a televised statement.

A locked door does not prevent the police from entering a house with a search warrant. There are plenty of physical means for breaking down a door to gain entry into a person's house. A key is not necessary. However, with encrypted data, even if the police receive a warrant, they will have no way of searching through a person's secured data

I don't understand how people can argue that just because data is stored on a person's computer, it should somehow be impervious to search warrants. Why should encryption necessarily give people more rights then they had a decade ago?

No one on slashdot has had any problems with the FBI searching through the former residences of the suspects of the WTC attack. However, the slashdot crowed would be up in arms if the FBI somehow was able to search through encrypted data on their computers. What if an encrypted e-mail existed that could conclusively link the highjackers with Osama Bin Laden? That piece of evidence could be enough to convince the Taliban to turn the guy over, and thus, prevent a war. Unfortunately, given the current state of encryption, this piece of evidence could never be decrypted and used.

If there is a technical means to restore the power of a search warrant, I'm all for it. While it might not stop the truly determined criminal, some crimes probably could be prevented, and as long as it's implemented correctly, no loss of personal freedoms would occur.

Obviously, there needs to be safe guards protecting law abiding citizens from illegal search and seizure by the government by ensuring that only the intended recipient and those with a warrant can decrypt secure messages. Perhaps, this can never be accomplished, which would mean that this legislation should not be enacted. But if the law required that all encrypted messages be encrypted with both the public key of the recipient and the public key of some government agency, then I think the above goals could be meant. While I respect arguments concerning the technical feasibility of such a scheme, I don't respect people who argue that unbreakable encryption should somehow be an inalienable right.

Do I have a right to speak to my woman friend or wife or children in private? If I do, then I have the right to unbreakable encryption.

You don't have this right if a law enforcement agency has obtained permission to tap your telephone line via a court order. Again, if you use unbreakable encryption, there's no longer away to accomplish this. If a court order hasn't been obtained, not only is it illegal to listen to your private conversation, anything gained through these means is inadmissible.

You don't have this right if a law enforcement agency has obtained permission to tap your telephone line via a court order.

That simply gives them the right to intercept the comminication. Otherwise when a tap was put on they would also need to put on a recorded message obliging people only to use certain languages and avoid slang...

OK, so how can we come up with a system that makes searching your communications as hard, noisy, public, and time-consuming as searching your house? The digital era is confronting us with a certain template that keeps repeating: where once there was a balance of power between two parties, now the power wants to slide all to one side or the other.

In copyright, it used to be possible to copy a book or a record. But it was time consuming, and the result was not as good as the original. However, it was worthwhile if the work was out of print, and the threat of copying prevented many abuses by publishers. With digital technology, it seems we have to choose between a world of unrestricted, cheap, perfect copying, and a world of draconian restrictions and no copying at all.

Likewise with this issue of search. It doesn't bother me in principle that the government can search my communications - I just don't want it to be so cheap, easy, fast and invisible that it's automated into a huge vacuum-cleaner system. But I see no way to restore the pre-digital balance.

I think we all know that the need for a search warrant is not meaningful in itself. Some trustworthy technical barrier needs to impede these searches

I dismissed privacy concerns as being currently out of fashion. I *wish* that I had done the same for practicality concerns, because we all agree that truly controlling the flow of such information is impossible.

I emphasized that there are many different crypto channels, and to be effective they'd have to weaken every one of them, because terrorists could simply shift to a different channel if, for instance PGP email were back-doored or weakened.

Then I explained that any inserted backdoor could be rediscovered within a reasonable time. I wish I had had access to the Clipper references mentioned here. But I was also struggling to keep this on one side of one page, so perhaps it doesn't matter.

Finally I added that the safety of our financial and network infrastructure depends on some of these alternate crypto channels, and to compromise them would put us at risk. SSH and https: were mentioned examples.

Much has been said over the last week about the government's ability to enforce such a law. One groups says that outlaws and terrorist will obviously refuse to use such weak encryption and others respond that law enforcement will then be able to indict them for violation of the back door law.

This second argument is specious for two reasons.

First, any law forbidding strong encryption without a back door could be binding on the sender of messages only. The receiver of a message encrypted without a back door could hardly be held legally liable for the action of another. Therefore, if the head of a terrorist organization outside of the US used strong encryption to send messages to terrorists inside the US, no law has been broken. The backdoor law is not extra-territorial and cannot ban someone outside the US from using non-backdoor encryption, and the receiver in the US cannot be held liable simply for receiving such a message.

Second, the argument assumes that law enforcement can somehow detect whether or not a message is encrypted using a backdoor program or not. The ability for law enforcement to archive messages and search through their contents is truly staggering, but it is not all powerful. It takes many many computer cycles to sift through unencrypted data searching for words or phrases in order to be useful at all. There is no indication that anyone would have the computational power to sift through archived messages to determine if a message is encrpted or not, yet alone whether it was encrypted with lawful or unlawful software. Making such a determination on the fly would be absolutely impossible.

Unless, of course, messages encrypted with compliant software contained flags set at specific bits to alert law enforcement to the presence of lawfully encrypted text. If that was the case, however, terrorist and other non-crypto-law abiding people could simply alter the open source code for their non-compliant crypto package to add the special bits. Law enforcement would still be unable to determine on the fly whether a message was lawfully encrypted or not.

That leaves them only one alternative. They would have to try to decode all encrypted messages on the fly in order to determine which were lawfully encrypted. That action in and of itself would violate the privacy rights of anyone whose message was decrypted simply to determine if it was lawfully encrypted.

Furthermore (or more precisely, once again), the ability to capture all messages and attempt to decrypt them on the fly in order to determine which where lawful and which were not is currently a technologically impossible task.

You don't need to proactively prosecute people for breaking the back-door law for it to be effective. Once, you've obtained a search warrant for a person, you have access to his or her data. At that point, you can determine if their data has been "legally" encrypted. If it hasn't, you can choose to prosecute them on that charge unless they give you the keys to decrypt the data.BR

If you don't need a warrant to decrypt messages, then this law is crap, and would destroy our basic fourth amendment protection. However, the law seems to only apply to suspected terrorists (no doubt it would be applied to other criminal activity as well):

Computer software companies would have to install a backdoor for law enforcement agencies to unscramble secret messages on phones, e-mails and other communications used by suspected terrorists, under a proposal by U.S. Sen. Judd Gregg, R-N.H.

So, if there is enough evidence for someone to be labeled a suspected terrorist, then a search warrant could probably be obtained.

However, given today's climate, those who speak Arabic, are Muslim and anyone else from a Middle Eastern country will probably be labeled a suspected terrorist. If this means that the government can now monitor all their communications, then the terrorists have done significantly more damage then simple destroying the WTC, they've destroyed some of our most fundamental liberties.

Based in San Francisco, EFF is a donor-supported membership organization working to protect our fundamental rights regardless of technology; to educate the press, policymakers and the general public about civil liberties issues related to technology; and to act as a defender of those liberties. Among our various activities, EFF opposes misguided legislation, initiates and defends court cases preserving individuals' rights, launches global public campaigns, introduces leading edge proposals and papers, hosts frequent educational events, engages the press regularly, and publishes a comprehensive archive of digital civil liberties information at one of the most linked-to websites in the world.

And it needs our support to ensure that it is forever capable of supporting us against legislation that seeks to eliminate our rights and privacies.

1. It's a total waste of time unless you have a plan to force the terrorists to use weak encryption.
2. Centralized key escrow creates a single point of failure for our national cybersecurity infrastructure.
3. Strong crypto can be defeated and has been defeated in the real world. You use existing wiretap laws to implement keyboard sniffers and the like to grab cleartext.
4. You have to be prepared to use keyboard sniffers ANYWAY, because the terrorists aren't going to comply with your law.
5. The bill violates the free speech rights of ordinary citizens and businesses. Conversion from already deployed strong crypto to crippled crypto is an effort comparable to Y2K.
6. Stop using this as an excuse for the intelligence failure. It's bogus. These terrorists made credit card purchases, airline reservations, flight school training, apartment leases using real names sometimes even on our "watch list".
7. Are we really willing to punish otherwise law abiding citizens who fail to register their crypto key? Who needs terrorists when the governement will destroy your rights for you?
8. Security cannot be achieved by weakening security. What is security if not the protection of citizen's rights?
9. The law cannot be enforced, and it's violation isn't even detectable. If you find an encrypted message, how will you know it wasn't made before the ban?

Bad guys aren't going to play by the rules and will use encrption anyway.

More likely they will NOT use encryption anyway. They would only send encrypted email if more than 50% of emails were encrypted...Someone really needs to write "Terrorism for Dummies", with the intended readership law enforcement!

but rumour has it that the NSA can crack 128bit encryption (read: this has NOTHING to do with key size - a 128bit key or a 1024bit key, it's all the same). From a semi-reliable source the NSA has been funding a massive cryptology group to essentially find mathmatical weeknesses in many of our popular algorithms. Personally, I don't believe this is true, but it makes me think twice. If this is true, the reason this legislation is coming about is because the NSA doesn't share crap with the FBI, and very little with the CIA, and it's the FBI and the CIA that want it all. Food for thought.

The US Govt didn't get out of Vietnam until the people threatened a revolution.

And the US people didn't give the FBI, CIA and airport security the people and resources they needed until the WTC came down.

You can yell at the public all you want, but until they suffer for their folly, they won't listen. We may just have to suffer the absence of encryption until some terrorist wipes out a few million bank records, or until a few million PC users ignore the law.

What makes these fools think that bin Laden and organizations like Al-Qaida are going to start using their escrowed encryption programs? The only people who are going to be using this escrowed encryption are your people, your law-abiding citizens. Not even terrorists who enter the US are going to use it, obviously. Most of them may be psychos, but they are not stupid of course. If they were, they would have met their end long ago. In the meantime, someone is going to reverse engineer how you do your key escrow, and then everyone in the world who doesn't have a DMCA-like law can read escrowed encryption traffic after they reverse engineer the new chip that provides it. It may require the resources of a large semiconductor corporation to do the reverse engineering, but once that has been done, end of story.

Hopefully the NSA will do everything to make sure that your escrowed encryption is as perfect as it can be, but given the Agency's track record, I would be wary. Besides, the civilian research into key recovery systems (mostly from Silvio Micali's research, to whom the government paid $1,000,000 for use of his patents in the old Fortezza/Clipper chip) has been somewhat unpromising, and there are many complex security problems involved. What if someone cracks the escrow agency's database? The keys are going to start circulating among the rest of the world's intelligence agencies and terrorist organizations by then.

In the meantime your largely ignorant populace [slashdot.org] is going to start taking active measures to make themselves available for surveillance, in the misguided belief that this will help the security of your nation. It won't, not in any meaningful sense, but makes it far easier for Big Brother to start listening in on everything. Welcome to the American Empire.

According to a recent CNN poll, 57% of Americans say they would "willingly allow the government to read their email to help the fight against terrorism". I'd post the link but CNN's search engine sucks. It was on the Wolf Blitzer special report page yesterday, 9/20/2001.

We live in a democracy: clearly, if people here want to trade freedom for the illusion of security, that's what's going to happen. Especially if big corporations back the same laws, albeit for different reasons.

Between the people and corporations here in America, nobody really wants privacy. Nevermind little issues like your credit cards selling your purchasing habits; people are ready to live in glass houses and let the government and big business watch every bit of communication with the hope of making an arrest or a sale.

It's all for our own good, of course, since apparently Americans no longer believe that they are capable of taking care of themselves, and they no longer trust each other, and that massive government and corporate intervention is the only way to right matters.

It's a psychotic vicious circle: the more we abdicate responsibility, the more we need someone to take care of us, and the worse things get. What a surprise.

Sorry for the rant. Here's the bottom line: if you truly value freedom and privacy, the US is no longer the country for you. The aging population is tired of that sh*t, and has long since traded in principle for pragmatism. The odds of making a difference by writing letters are roughly the same as those of being suddenly turned into a 200 foot tall statue of the Marx Brothers.

So, write your letters. Make your calls. But when it really starts coming down, remember that you can vote with your feet: there are plenty of countries out there that are still civilized and that still respect the individual, and until the real exodus starts, almost every country will happily take the best and the brightest from the US, even if they are geeks / libertarians / gays / goths / vegans / anyone else who may not quite fit in to a mainstream police state.

-b

PS: don't bother replying with bogus patriotic "if you hate the US, leave" messages. In fact, I love the US, and have done more to demonstrate that than you'll ever know. But love does not necessitate blind jingoism, as some would have it.

For one of these congressional hearings, could a knowelgable person take the crypto bible with them and a porable computer with standard components and "implement" a simple crypto while the session is going on; just to demonstrate that this is common technology. I'm sure that they have some idea that there are N products out there by N companies and that people must buy one of these products; and that these companies can get together (like Microsoft) and force the world to upgrade to the new back-door enabled version. At least, I'm sure this is what Microsoft people are telling the legislature. So... they may not be technical, but they do trust their Microsoft lobbyist; after all, they've constructed the worlds best desktop operating system and tools, of course they know what they are talking about.

"Monday 9/24, noon, at the Mattin Center: U.S. Representative Constance Morella (8th District of Maryland) will talk regarding Information Security and Privacy."

The Mattin Center is the new arts building on the campus of Johns Hopkins University. I'll be showing up and a hope others will as well.
If you want directions or more info please respond to this post.

When I think about what the legislators are trying to do, closing stable doors after the horses have bolted comes immediately to mind. How are they going to persuade terrorists to use this form of encryption?

* Sibyl of Prague, an old woman (17th century) "From the east a dragon will come, terrible to look at, because from its 9 times 99 eyes (1999?), mortal rays will be emitted and a poisonous air leaves its mouth".

Probably if they spent as much money investing in supercomputers as implementing this proposed law, they might be able to approach real-time decryption of messages. They can look to Google for a good example of building an inexpensive supercomputer. They could probably implement a "Private Key Cache" [Patent Pending, BTW] to try on subsequent messages from the same sender before resorting to other methods.

I think the bill is about distributing encryption software, not send encrypted bytes. Therefore, your point of vulnerability would be distribution. You couldn't use the web or ftp. You could try gnutella or freenet. But would you trust crypto software of unknown origin? If you write "supercrypto" and I download it from freenet, how do I know it hasn't been backdoored by some third party? Digital signature? What if I have the wrong public key for you?

If the government can disrupt the normal, overt channels of communication for crypto software and development, they can do huge damage. I'll never feel comfortable with crypto software that hasn't had substantial peer review, and this scheme could prevent that.

For the kind of limited-scope communications involved in a terrorist mission (they've already decided the basic plan face-to-face; they only need to coordinate where and when to strike), they can just develop a small set of code phrases. This can be minimized to just two codes -- one for "go ahead" and one for "scrub the mission and meet to discuss new plans".